/*
# Copyright 2018 Google Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
#      http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#
################################################################################
*/

#include <cstdint>
#include <stdlib.h>
#include <string.h>
#include <inttypes.h>

#include <mupdf/fitz.h>

/*
 * Bytes reserved in front of every block handed to MuPDF. The first
 * sizeof(size_t) bytes of that header store the requested size.
 * NOTE(review): 16 presumably keeps the returned pointer as aligned as
 * malloc()'s own result -- confirm for the target platforms.
 */
#define ALIGNMENT 16
/* Cap on bytes charged to the allocator at any one time (1 GiB). */
#define MAX_ALLOCATION (1024 * 1024 * 1024)

/*
 * Bytes currently charged against MAX_ALLOCATION, headers included.
 * File-scope static: the value persists across fuzz iterations that run
 * in the same process.
 */
static uint64_t total = 0;

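/*
 * malloc() hook handed to MuPDF, with a process-wide allocation budget.
 *
 * Every block is prefixed by an ALIGNMENT-byte header whose first
 * sizeof(size_t) bytes record the requested size, so the free and realloc
 * hooks can undo the accounting in `total`.
 *
 * opaque: unused.
 * size:   number of bytes requested.
 *
 * Returns a pointer just past the header, or NULL when size is 0, when
 * size + ALIGNMENT would overflow size_t, when the request would push
 * `total` past MAX_ALLOCATION, or when malloc() itself fails.
 */
static void *
fz_malloc_ossfuzz(void *opaque, size_t size)
{
	const uint64_t limit = MAX_ALLOCATION - ALIGNMENT;
	char *ptr = NULL;

	if (size == 0)
		return NULL;
	if (size > SIZE_MAX - ALIGNMENT)
		return NULL;

	/*
	 * Test the headroom before subtracting. `total` is unsigned, so
	 * limit - total wraps to a huge value once total exceeds limit
	 * (it may legitimately sit anywhere up to MAX_ALLOCATION), and the
	 * comparison below would then accept any size and disable the cap.
	 */
	if (total > limit)
		return NULL;
	if (size > limit - total)
		return NULL;

	ptr = (char *) malloc(size + ALIGNMENT);
	if (ptr == NULL)
		return NULL;

	/* Record the requested size in the header and charge the budget. */
	memcpy(ptr, &size, sizeof(size));
	total += size + ALIGNMENT;

	return ptr + ALIGNMENT;
}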

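/*
 * free() hook handed to MuPDF.
 *
 * opaque: unused.
 * ptr:    NULL, or a pointer previously returned by the malloc/realloc
 *         hooks in this file (it is expected to sit ALIGNMENT bytes past
 *         a header holding the block's requested size).
 *
 * Releases the underlying block and returns its full cost, payload plus
 * header, to the budget tracked in `total`.
 */
static void
fz_free_ossfuzz(void *opaque, void *ptr)
{
	size_t size;

	if (ptr == NULL)
		return;

	/* Step back to the header written by the allocation hook. */
	ptr = ((char *) ptr) - ALIGNMENT;

	memcpy(&size, ptr, sizeof(size));
	/*
	 * The allocation hooks charge size + ALIGNMENT, so exactly that much
	 * must be refunded. Subtracting size - ALIGNMENT left 2 * ALIGNMENT
	 * bytes charged for every freed block, and the static `total` crept
	 * towards MAX_ALLOCATION until unrelated allocations were refused.
	 */
	total -= size + ALIGNMENT;
	free(ptr);
}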

/*
 * realloc() hook handed to MuPDF, sharing the budget kept in `total`.
 *
 * opaque: forwarded to the malloc/free hooks, otherwise unused.
 * old:    NULL, or a pointer previously returned by these hooks.
 * size:   new requested size in bytes.
 *
 * A NULL `old` is treated as a plain allocation and a zero `size` as a
 * free (returning NULL). Otherwise returns the resized block, or NULL,
 * leaving the old block untouched, when size + ALIGNMENT would overflow,
 * when the budget would be exceeded, or when realloc() fails.
 */
static void *
fz_realloc_ossfuzz(void *opaque, void *old, size_t size)
{
	/* No existing block: this is just an allocation. */
	if (!old)
		return fz_malloc_ossfuzz(opaque, size);

	/* Shrinking to nothing: release the block instead. */
	if (!size)
	{
		fz_free_ossfuzz(opaque, old);
		return NULL;
	}

	if (size > SIZE_MAX - ALIGNMENT)
		return NULL;

	/* Step back to the header to learn how much is currently charged. */
	char *base = ((char *) old) - ALIGNMENT;
	size_t prev_size;
	memcpy(&prev_size, base, sizeof(prev_size));

	/*
	 * The existing header is already part of `total`, so only the payload
	 * sizes are compared: the old payload is credited back before the new
	 * one is measured against the cap.
	 */
	if (size > MAX_ALLOCATION - total + prev_size)
		return NULL;

	char *grown = (char *) realloc(base, size + ALIGNMENT);
	if (!grown)
		return NULL;

	/* Stamp the new size into the header and swap the charges over. */
	memcpy(grown, &size, sizeof(size));
	total -= prev_size + ALIGNMENT;
	total += size + ALIGNMENT;

	return grown + ALIGNMENT;
}

/*
 * Allocator table passed to fz_new_context() by the fuzz entry point, so
 * that MuPDF allocations go through the budgeted hooks in this file.
 * Members are given positionally: a NULL first member (presumably the
 * user pointer the hooks receive as `opaque`, which they ignore), then
 * the malloc, realloc and free hooks.
 */
static fz_alloc_context fz_alloc_ossfuzz =
{
	NULL,
	fz_malloc_ossfuzz,
	fz_realloc_ossfuzz,
	fz_free_ossfuzz
};

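/*
 * libFuzzer entry point: opens `data` as a PDF and renders every page to
 * an RGB pixmap, discarding each result.
 *
 * data, size: the fuzzer-supplied input buffer.
 *
 * Always returns 0. MuPDF errors raised on malformed input are expected
 * and deliberately swallowed; only crashes and sanitizer reports count as
 * findings.
 *
 * The allocator's running total is a file-scope static that is not reset
 * here, so memory MuPDF fails to release keeps counting against later
 * inputs handled by the same process.
 */
extern "C" int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) {
  fz_context *ctx = fz_new_context(&fz_alloc_ossfuzz, nullptr, FZ_STORE_DEFAULT);

  // fz_new_context() returns NULL when it cannot allocate the context,
  // which the budgeted allocator can cause. fz_try() on a NULL context
  // would crash inside the harness and be reported as a bug in MuPDF.
  if (ctx == NULL)
    return 0;

  fz_stream *stream = NULL;
  fz_document *doc = NULL;
  fz_pixmap *pix = NULL;

  // These are assigned inside fz_try() and read in fz_always(), so they
  // must be declared to MuPDF's exception machinery with fz_var().
  fz_var(stream);
  fz_var(doc);
  fz_var(pix);

  fz_try(ctx) {
    fz_register_document_handlers(ctx);
    stream = fz_open_memory(ctx, data, size);
    doc = fz_open_document_with_stream(ctx, "pdf", stream);

    for (int i = 0; i < fz_count_pages(ctx, doc); i++) {
      pix = fz_new_pixmap_from_page_number(ctx, doc, i, fz_identity, fz_device_rgb(ctx), 0);
      fz_drop_pixmap(ctx, pix);
      // Clear the pointer so fz_always() does not drop it a second time.
      pix = NULL;
    }
  }
  fz_always(ctx) {
    fz_drop_pixmap(ctx, pix);
    fz_drop_document(ctx, doc);
    fz_drop_stream(ctx, stream);
  }
  fz_catch(ctx) {
    // Parse and render errors on malformed input are not findings.
  }

  fz_drop_context(ctx);

  return 0;
}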
